CryptoWall and Other Ransomware

If your computer looks similar to the image, you’ll either need to get your backup ready, get out your wallet, or kiss your files goodbye, since you’ll never be able to access them again.

You’ve been hit by CryptoWall.

What is this and how did I get it?

CryptoWall (and similar variants) is ransomware, a type of infection that restricts access to your files and demands money to remove the restriction. This is done using powerful encryption methods, the kind that makes it virtually impossible for you to do anything about it. Your files, from business information to family photos, simply will not open. You’re then given an ultimatum: pay a large amount of money (~$500 USD is a fairly current figure at the time of this post) by a certain time, or the cost of getting your files back will double.

CryptoWall and its ilk are normally distributed through malicious emails and “drive-by” attacks, which can be something like an infected ad on a legitimate website. Emails will often contain cryptic messages with an attachment (“Here’s my resume for your consideration!” with an attached .zip file), while infected websites will simply look for vulnerabilities in your system… out-of-date programs or a Windows installation that hasn’t had its updates applied.

What should I do to prevent this in the future?

First, let me start by saying this: If you don’t absolutely need the files that you’re locked out of, don’t pay the ransom. It says to the authors of this awful program that their method is effective and people are willing to pay them.

That being said, there are some things you can do to prevent a future infection and even mitigate the damage should another event occur:

Use an antivirus program that is constantly updated and does active scans (BitDefender is a good recommendation here and has some defense against CryptoWall)

Check for Windows Updates regularly; these updates patch holes that infections can exploit

Additionally, make sure your other programs such as Chrome, Java and iTunes are up to date (Ninite is a great free tool for this)

Follow safe internet practices by not opening attachments in emails from unknown senders or clicking links you’re unsure about

Backup, backup, backup! If you ignore everything else in this article, follow this one piece of advice. If making a backup to a USB or external drive, unplug it after each backup and leave it unplugged until the next time… this can help prevent the backup from getting infected as well. Otherwise, look into a professional backup service, such as BackBlaze.

For all the wonders of technology, we also live in a world where we must scrutinize what we are doing on the computer in order to remain safe. So long as there is profit to be made from creating these infections, they will exist. Keep up to date, be careful what you click or open… and have a backup in place should the worst happen to you.